package com.example.mysecurity.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("stu")
public class StudentController {

    @RequestMapping("insert")
    public String insert(){
        return "添加学生";
    }

    @RequestMapping("update")
    public String update(){
        return "修改学生";
    }

    @PreAuthorize("hasRole('ROLE_管理员')")   //一定要加ROLE_的前缀，在spring内部会进行split
    @RequestMapping("del")
    public String del(){
        return "删除学生";
    }

    @RequestMapping("select")
    public String select(){
        return "查询学生";
    }
    @RequestMapping("list")
    public String list(){
        return "学生列表";
    }
}
